Hacked Passwords Cause GitHub A Headache
Gareth Andrews / 9 years ago
These days, when you start to work on programming something, it’s common for a group of people to start working on a project. Be it a simple program or a complex one, keeping track of who has done what changes and making sure you know what’s happening is hard enough if you work in the same room, hence the use of code repositories. The most famous code repository is GitHub, keeping track of thousands of commits across countless projects that anyone can download and contribute to (unless you set yours to private). Sadly it would seem that even with their knowledge about programming, GitHub has become the latest to suffer to hackers thanks to the oldest weakness in technology, the people using it.
The latest hack seems to have enabled the hackers access to several accounts, with the brute force hack using email and passwords combinations that the hackers had acquired, possibly from one of the many breaches and listing online from sites like LinkedIn and MySpace. The Vice President of Security at GitHub, Shawn Davenport, posted in a blog stating that the accounts affected had their passwords reset and emails were being sent out to affected users. Davenport also recommended the use of two-factor authentication, to ensure that only authorised people could gain access to their GitHub repositories.
In a final remark regarding their password security, Davenport even linked to an XKCD comic on password strength (pictured above), maybe inspiring a few others to create more secure passwords.